* bug#26390: Guitarix: Don't use webkitgtk-2.4
@ 2017-04-07 11:57 Leo Famulari
2017-04-07 12:31 ` Ricardo Wurmus
0 siblings, 1 reply; 3+ messages in thread
From: Leo Famulari @ 2017-04-07 11:57 UTC (permalink / raw)
To: 26390; +Cc: Ricardo Wurmus
[-- Attachment #1.1: Type: text/plain, Size: 405 bytes --]
Webkitgtk-2.4 is unmaintained upstream and contains a large number of
security vulnerabilities. The webkitgtk developers have asked
distributions to stop offering it. [0]
This patch removes webkitgtk-2.4 from guitarix. Guitarix builds and
starts without; I don't know what features are disabled.
Ricardo, what do you think?
[0]
https://blogs.gnome.org/mcatanzaro/2016/02/01/on-webkit-security-updates/
[-- Attachment #1.2: 0001-gnu-guitarix-Disable-webkit-features.patch --]
[-- Type: text/plain, Size: 1004 bytes --]
From b19ec539033acdbdbf1d99989d39528e7350646c Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Fri, 7 Apr 2017 07:44:05 -0400
Subject: [PATCH] gnu: guitarix: Disable webkit features.
The only version of webkit supported by guitarix is unmaintained and contains a
large number of security vulnerabilities, and is due to be removed from Guix.
* gnu/packages/audio.scm (guitarix)[inputs]: Remove webkitgtk/gtk+-2.
---
gnu/packages/audio.scm | 1 -
1 file changed, 1 deletion(-)
diff --git a/gnu/packages/audio.scm b/gnu/packages/audio.scm
index 9dc679734..9acccaf11 100644
--- a/gnu/packages/audio.scm
+++ b/gnu/packages/audio.scm
@@ -1166,7 +1166,6 @@ patches that can be used with softsynths such as Timidity and WildMidi.")
("jack" ,jack-1)
("gtkmm" ,gtkmm-2)
("gtk+" ,gtk+-2)
- ("webkitgtk/gtk+-2" ,webkitgtk/gtk+-2)
("fftwf" ,fftwf)
("lrdf" ,lrdf)
("zita-resampler" ,zita-resampler)
--
2.12.2
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply related [flat|nested] 3+ messages in thread
* bug#26390: Guitarix: Don't use webkitgtk-2.4
2017-04-07 11:57 bug#26390: Guitarix: Don't use webkitgtk-2.4 Leo Famulari
@ 2017-04-07 12:31 ` Ricardo Wurmus
2017-04-07 13:38 ` Leo Famulari
0 siblings, 1 reply; 3+ messages in thread
From: Ricardo Wurmus @ 2017-04-07 12:31 UTC (permalink / raw)
To: Leo Famulari; +Cc: 26390
Leo Famulari <leo@famulari.name> writes:
> Webkitgtk-2.4 is unmaintained upstream and contains a large number of
> security vulnerabilities. The webkitgtk developers have asked
> distributions to stop offering it. [0]
>
> This patch removes webkitgtk-2.4 from guitarix. Guitarix builds and
> starts without; I don't know what features are disabled.
>
> Ricardo, what do you think?
Sounds good to me!
Webkitgtk was added only somewhat recently to the dependencies. When I
added it some time ago it was not optional AFAIR. If you’ve built it
successfully without webkitgtk that’s great.
It was used for a built-in plugin browser, I think.
--
Ricardo
GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC
https://elephly.net
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2017-04-07 13:39 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-04-07 11:57 bug#26390: Guitarix: Don't use webkitgtk-2.4 Leo Famulari
2017-04-07 12:31 ` Ricardo Wurmus
2017-04-07 13:38 ` Leo Famulari
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).